CVE-2024-1013

Updated: 2024-03-28 04:49:34.83718

Description:

An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.



Severity

CVSS version      Severity  Score
CVSS Version 2.x  NONE      0
CVSS Version 3.x  HIGH      7.1

Status

OS name             Project name  Version    Score  Severity  Status    Errata                Last updated
CentOS 6 ELS        unixODBC      2.2.14     7.1    HIGH      Released  CLSA-2024:1712262573  2024-04-23 05:12:49
CentOS 8.4 ELS      unixODBC      2.3.7-1    7.1    HIGH      Released  CLSA-2024:1712261674  2024-04-04 17:09:59
CentOS 8.5 ELS      unixODBC      2.3.7-1    7.1    HIGH      Released  CLSA-2024:1712490771  2024-04-07 09:53:52
CloudLinux 6 ELS    unixODBC      2.2.14     7.1    HIGH      Released  CLSA-2024:1712263480  2024-04-09 11:13:30
Oracle Linux 6 ELS  unixODBC      2.2.14     7.1    HIGH      Released  CLSA-2024:1712263690  2024-04-04 17:10:00
Ubuntu 16.04 ELS    unixodbc      2.3.1-4.1  7.1    HIGH      Released  CLSA-2024:1712837462  2024-04-11 10:04:08
Ubuntu 18.04 ELS    unixodbc      2.3.4-1.1  7.1    HIGH      Released  CLSA-2024:1714462946  2024-04-30 05:07:13